Light Dark
June 6, 2017 By Michelle Alvarez 2 min read
Advanced Threats
Threat Intelligence

The manufacturing industry — including, but not limited to, automotive, electronics, food and beverage, textile and pharmaceutical companies — was the third most attacked sector in 2016, according to the 2017 IBM X-Force Threat Intelligence Index. In fact, the number of security incidents, which are attacks or security events reviewed by IBM security analysts and deemed worthy of deeper investigation, was almost 40 percent higher than the average across all industries.

Figure 1: Comparison of organizations monitored by IBM for 2016, cross-industry clients versus manufacturing sector clients (Source: IBM Managed Security Services data, Jan. 1 to Dec. 31, 2016).

The Manufacturing Security Picture

The top attack vector targeting manufacturing clients monitored by X-Force in 2016 was attacks incorporating malicious input data such as SQL or command injection. This vector accounted for 74 percent of the attacks, which was notably higher than the cross-industry average of 42 percent.

It’s not surprising, then, that there are considerably more outside threats than insider attacks targeted the manufacturing sector — 91 percent outsiders to 9 percent insiders. The outsiders could include well-funded fraudsters, organized crime groups and nation-state actors.

This view of the manufacturing security landscape, however, differs from the one generated from publicly disclosed incidents. Very few manufacturing sector incidents were revealed in 2016. This led IBM X-Force researchers to suspect some underreporting, perhaps because manufacturing is not as tightly regulated as industries such as financial services, health care and retail. However, the cybertheft of trade secrets from one of the world’s largest steelmakers is evidence that the threat to manufacturers’ intellectual property and operating information — this industry’s crown jewels — is very real.

Review Best Practices

A new IBM research paper focuses on the top attacks detected against the manufacturing sector. Since the No. 1 manufacturing security threat involved the use of malicious input data, centralized patching and data input sanitization are essential. We recommend reviewing the report for other best practice guidelines.

Read the complete Report: Security trends in the manufacturing industry

 |  |  |  | 
Michelle Alvarez
Manager, X-Force Strategic Threat Analysis, IBM

More from Advanced Threats
May 24, 2024

Phishing kit trends and the top 10 spoofed brands of 2023

4 min read -  The 2024 IBM X-Force Threat Intelligence Index reported that phishing was one of the top initial access vectors observed last year, accounting for 30% of incidents. To carry out their phishing campaigns, attackers often use phishing kits: a collection of tools, resources and scripts that are designed and assembled to ease deployment. Each phishing kit deployment corresponds to a single phishing attack, and a kit could be redeployed many times during a phishing campaign. IBM X-Force has analyzed thousands of…

May 16, 2024

Grandoreiro banking trojan unleashed: X-Force observing emerging global campaigns

16 min read - Since March 2024, IBM X-Force has been tracking several large-scale phishing campaigns distributing the Grandoreiro banking trojan, which is likely operated as a Malware-as-a-Service (MaaS). Analysis of the malware revealed major updates within the string decryption and domain generating algorithm (DGA), as well as the ability to use Microsoft Outlook clients on infected hosts to spread further phishing emails. The latest malware variant also specifically targets over 1500 global banks, enabling attackers to perform banking fraud in over 60 countries…

May 2, 2024

A spotlight on Akira ransomware from X-Force Incident Response and Threat Intelligence

7 min read - This article was made possible thanks to contributions from Aaron Gdanski.IBM X-Force Incident Response and Threat Intelligence teams have investigated several Akira ransomware attacks since this threat actor group emerged in March 2023. This blog will share X-Force’s unique perspective on Akira gained while observing the threat actors behind this ransomware, including commands used to deploy the ransomware, active exploitation of CVE-2023-20269 and analysis of the ransomware binary.The Akira ransomware group has gained notoriety in the current cybersecurity landscape, underscored…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature